Wednesday, January 22, 2014

Fascist Phone Bugging in Ukraine

“Dear subscriber, you are registered as a participant in a mass disturbance.”

If you are a protester, then you better drop your phone into a river:
http://motherboard.vice.com/en_ca/blog/maybe-the-most-orwellian-text-message-ever-sent

This appears to be one of the first public uses of a military portable nano cell site against citizens.

Some examples of military small cell systems:
http://xtca-systems.com/articles/optimizing-cell-defense-networks/

http://www.dailywireless.org/2012/11/19/uavs-flying-cell-towers/

http://www.dailywireless.org/2013/07/30/cell-tower-in-a-balloon/

One of the military EW techniques applied to identification of cell phones:
http://www.dence.de/theme/Cakestrap/doc/Hasse13_GSMMobilePhoneIdentification.pdf

This way one can create a modern fascist state, with no need for the traditional use of Nosy Parkers to spy on their neighbours.

It can only get worse.

Ubuntu Alternate Desktops

Ubuntu Insecurity

The default Ubuntu Linux Unity desktop is insecure and sends data to Canonical and others.  It can be configured so it won’t do that, but there is no easy way to prove that the fix actually works and any Unity desktop is automatically suspect.  Therefore it is best avoided altogether.

All Linux distributions allow you to install multiple desktop systems and then select the one you want to use when you log in.  So, if you really want a nice and slow system and receive targeted spam, select Unity.  Otherwise, for a more responsive and secure system, select something else.

Fix it

Click the lens at the top left, search for a 'terminal' and install the XFCE desktop:
$ sudo apt-get install linux-headers-$(uname -r) build-essential xubuntu-desktop

That lot will ensure that you can use the system for software development as well. 

Similarly, you can also experiment with LXDE, an even more snappy and somewhat simpler desktop alternative:
$ sudo apt-get install  lubuntu-desktop

Restart Using XFCE

Restart:
$ sudo reboot

When you log in, select the XFCE desktop in the round little thingy to the right of your user name.

As a bonus, your system will now run a hundred times faster as well.

Saturday, January 11, 2014

Eagle Schematic Editor

I've been using Cadsoft Eagle for the schematics of little projects (some not so little - 8 layers!) since about 2002, but since I don't use it all the time, every day, I can never remember the main editing commands, which makes each and every new project an exercise in frustration for a few minutes, until I figure out how to get started again.

One of the funniest things about Eagle is the Stop button - it took me a long time to discover its usefulness.  The Stop button terminates the sometimes annoying auto repeat feature of Eagle.

Lately, I'm working on a Mac, which adds another wrinkle to it.  Eagle on a Mac is almost impossible to use without a 3-button mouse, so get a proper Bluetooth mouse and save yourself from a major head-ache.

Here are some of my notes - really for my own reference, but maybe someone else finds them helpful too.

Projects

Eagle will crash if you try to create a project where it doesn't have permissions.  So be sure to open a project under something like Projects, Eagle, eagle, MyUserName

Part Libraries

The included part and footprint libraries are mostly useless.  You got to make your own parts for almost everything.  However, you could get Eagle libraries with many useful hobby parts from Sparkfun.

Here is a Sparkfun tutorial to make a new part, that I am forever going back to: https://www.sparkfun.com/tutorials/110

Here is one about sensible design rules: https://www.sparkfun.com/tutorials/115

Schematic frame

Click Components, then search for Frame or Letter and place it at the origin marker.  Now you can place components inside the frame and describe the project in the title block.

Moving things in Eagle

To me, the most difficult thing to do is to move parts or footprints in the parts editor:

  • Click Group, click drag to draw a group over the parts and lines.
  • Click Move, then use Right Click (Ctrl Click on Mac, then click Move:Group) to pick up and move, then Right Click (Click on Mac) to drop.
It will need practise whichever way you do it, but it works if you (accidentally) happen to do it right - bah, humbug...

Place and Rotate

First place the component, then Right Click (Ctrl-Click on a Mac) on the component to get a long menu that includes a Rotate command

Hidden Power Pins

Logic ICs and dual Op-Amps may have invisible power pins, which may automagically get connected to the wrong power rails.  Hiding pins is one of the dumbest ideas ever - whoever thought of that deserves seven lashes with a wet noodle.

Right Click, Invoke (Ctrl Click, Invoke on a Mac) to get a selection box for the invisible pins.
You can then attach them to one of the instances of the part.

Installing Eagle on Linux

Eagle is a 32 bit application, so before running the ./eagle-lin-6.4.0.run script, you got to do some tricks:
# yum install openssl-libs-1.0.1e-38.fc20.i686 openssl-libs-1.0.1e-38.fc20.x86_64 openssl-devel-1.0.1e-38.fc20.i686 openssl-devel-1.0.1e-38.fc20.x86_64 -y
# cd /usr/lib
# ln -s /usr/lib/libssl.so libssl.so.1.0.0
# ln -s /usr/lib/libcrypto.so libcrypto.so.1.0.0

and finally to give eagle a place to play in:
$ mkdir ~/eagle

Now Eagle should install and run:
$ /opt/eagle-6.4.0/bin/eagle

For pointy clicky access, make a desktop launcher for that.

Fedora 20 on Virtualbox

I have a love hate relationship with my Mac.  It is a great machine, but OSX is kinda clunky in some respects.

One way to alleviate the pain is to run Linux in a virtual machine.  My favourite most hated Linux is Fedora.  It is somewhat bleeding edge, so sometimes it is good and sometimes it is badly broken and fixing it is half the fun.

So, if you also need a Linux fix, here is a brief Fedora 20 how to guide.

Make a VM

On a Mac, forget about 2D or 3D acceleration in a VM, so any graphics is going to be sloooow.  This applies to VMware, Parallels and Virtualbox, so you can just as well use the free one and you have to use a light desktop system, since any fancy windowing features are going to be a drag.

Download Fedora 20 LXDE spin here:
  • Make a VM with 3GB RAM and 20GB HDD and enable all four Processor cores, to get some speed in the VM.
  • Select the ISO file in the Settings, Storage, CDROM property
  • Do not use LVM - keep it simple
  • Btrfs is probably better
  • Always encrypt your file systems!
Once done, shut down and unmount all CDs under Settings, Storage, CDROM

Finally, reboot.

Development Tools

After the reboot, open a terminal and su - to root.

Install the compiler and headers so that you can develop and compile programs:
# yum group list

The group names are forever changing, so verify the following with the previous:
# yum groupinstall "Development Tools" "C Development Tools and Libraries" -y
# yum install "kernel-devel" -y

Also consider adding the wizards  "system-config-users" and "system-config-services".

Go and get some coffee or tea…

Update the System

A brand new system is already out of date...
# yum update -y

Go and get a malt beverage…

Then Reboot the virtual machine before attempting to install the Guest Additions.

Guest Additions

Now go to Devices and select “Install Guest Additions”.  This will place some VBOX... thingy on the desktop.  Double click this thingy and it will be mounted under /run/media/yourusername/VBOX

Run the Linux script called VBoxLinuxAdditions.run to install the guest additions.

Now Reboot again, to make it all take effect.

The display resizing and mouse will now work a whole lot better and you can copy/paste and mount local disk directories on the host with Devices, Shared Folders and Settings.  It is best not to store any data inside the VM - keep data on the host.

With LXDE, go to Preferences, Openbox Configuration Manager and unselect Update Window Contents While Resizing.  This will allow windows to be dragged about smoothly despite the lack of 2D acceleration.  The whole GUI will then be quite snappy.

Disable Some Useless Features

Disable the screensaver and power management, Bluetooth, Avahi and Smart daemons, since these don’t make sense in a VM in my use scenario.  Then enable bidirectional copy/paste and drag/drop in the Devices menu.

Reboot again and you should now have a nice and snappy F20 virtual machine.

Install Autoten and Multi-Media Libraries and CODECs 

Get the little script Autoten here: http://www.autoten.co.uk

Install all the music, video and graphics related things.

Note that the Autoten Zenity GUI is a little messed up in F20, but it still works, just be patient with it.

Install Useful Utilities

I always install the following utilities to help me at the office with pesky PDF and other documents:
# yum install xournal pdfshuffler pdfeditor gimp libreoffice xsane

Finally, I install an online radio system, so I can listen to my favourite European radio stations and make recordings to play in my car, since Abu Dhabi Classic gets rather trying after a few years:
# yum install streamtuner

Host File Sharing

Go to Users and Groups (the system-config-users wizard) and add yourself to the group vboxsf, so that you can access shared directories on the host.

Backup

At this point, consider using either the Virtualbox Clone function or a tar archive to save a copy of it.  Then, if you need another VM, you can simply copy it from backup.

La voila!

Herman

Saturday, January 4, 2014

CRCs and Serial Ports


Scope

This mini guide explains how to append CRCs to messages and send them to a serial port.  Operating a serial port from the Linux Bash shell is very obscure and precious few people know how to do it.

Once you know the tricks, it is extremely powerful and a big time saver over the more complicated and error prone alternatives.

Also see this: http://www.aeronetworks.ca/2014/07/fletcher-checksum-calculator-in-bash.html

Get a set of CRC utilities from here:

http://www.hampa.ch/misc-utils/index.html
http://www.hampa.ch/misc-utils/misc-utils-0.2.2.tar.gz

Install the tools:
$ cd
$ mkdir misc
$ cd misc
$ wget http://www.hampa.ch/misc-utils/misc-utils-0.2.2.tar.gz
$ tar -zxvf misc-utils-0.2.2.tar.gz
$ cd misc-utils-0.2.2
$ ./configure
$ make
$ su
password
# make install

CRC Message Preparation:

Prepare a message step by step:
$ echo -en "\xa5\x10\x01\xca" > msg
$ hex msg
A5 10 01 CA # 00000000  ....
$ crc -g crc16 msg
41cf

Or modify the message file on the fly:
$ crc -b -g crc16 msg >> msg
$ hex msg
A5 10 01 CA 41 CF # 00000000  ....A.

Or do it all in one line:
$  echo -en "\xa5\x10\x01\xca" | crc -b -g crc16 - >> msg

Serial Port Tricks

Set the serial port in raw mode and configure it:
# stty -F /dev/ttyUSB0 raw
# stty -F /dev/ttyUSB0 19200

Prepare a message with a CRC16 and send it straight to the serial port:
$  echo -en "\xa5\x10\x01\xca" | crc -b -g crc16 - >> /dev/ttyUSB0
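
For the receiving side, here is an added example (not code from the original post or from the crc utility) that recomputes the CRC in plain POSIX shell and checks a frame's trailing two bytes. It assumes that `crc -g crc16` uses polynomial 0x8005, initial value 0, most significant bit first and no final XOR, which is the parameter set that reproduces the 41cf shown above; the function names are made up here. Keep in mind that a CRC catches accidental corruption on the line, not deliberate modification.

```sh
#!/bin/sh
# Added example: CRC-16, polynomial 0x8005, init 0, MSB first, no final XOR.
# Assumption: these parameters match "crc -g crc16"; they reproduce 41cf.

# crc16_hex HEX -> prints the CRC of the bytes in HEX as 4 hex digits.
crc16_hex() {
    case $1 in ''|*[!0-9a-fA-F]*) return 2 ;; esac   # hex digits only
    [ $(( ${#1} % 2 )) -eq 0 ] || return 2           # whole bytes only
    hex=$1 crc=0
    while [ -n "$hex" ]; do
        rest=${hex#??}            # everything after the first byte
        byte=${hex%"$rest"}       # the first byte (two hex digits)
        hex=$rest
        crc=$(( crc ^ (0x$byte << 8) ))
        i=0
        while [ "$i" -lt 8 ]; do
            if [ $(( crc & 0x8000 )) -ne 0 ]; then
                crc=$(( ((crc << 1) ^ 0x8005) & 0xFFFF ))
            else
                crc=$(( (crc << 1) & 0xFFFF ))
            fi
            i=$(( i + 1 ))
        done
    done
    printf '%04x\n' "$crc"
}

# add_crc HEX -> prints the message followed by its CRC, high byte first.
add_crc() {
    sum=$(crc16_hex "$1") || return 2
    printf '%s%s\n' "$1" "$sum"
}

# frame_ok HEX -> exit 0 if the last two bytes are the CRC of the rest.
# With init 0 and no final XOR, the CRC over message+CRC comes out as 0000.
frame_ok() {
    [ "${#1}" -gt 4 ] && [ "$(crc16_hex "$1")" = "0000" ]
}

# Constructed sample data: the message from the text, then one flipped bit.
frame=$(add_crc a51001ca)
echo "frame to send: $frame"
frame_ok "$frame" && echo "received frame: CRC ok"
frame_ok a51001cb41cf || echo "corrupted frame: CRC mismatch"
```

To check bytes captured from the port into a file, convert them to a hex string first with `od -An -v -tx1 file | tr -d ' \n'`.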

Thursday, January 2, 2014

Opportunistic Encryption - Rewarding Good Behaviour

Years ago, the OpenSWAN project tried to implement IPv6 with opportunistic encryption, but the project failed due to ever increasing complexity.  Some alleged that the increasing encryption complexity and failure was pushed by NSA agents working inside OpenSWAN.  Be that as it may, there is new activity now, as a collective knee-jerk reaction against the pervasive snooping.

Skype used to be a secure product and became immensely popular, because it was very easy to use, but it was purchased by Microsoft - a company world renowned for its insecure software products - and all calls are now recorded.  I don't like having a PFY American Military Policeman sitting in on every call I make, so I started to look for alternatives.

One project of note is the Redphone Android App from Whisper Systems:
https://whispersystems.org/

This is a neat application for Android Smart Phones which can save you oodles of money, and also help you claw back some of your lost privacy.

Redphone installs on your Android phone and hooks into the regular phone dialler such that when you call someone who also has Redphone installed, then the call will proceed over the data network, securely encrypted end to end - if not, then the call will proceed normally.  The result is that you will save money - especially when calling friends in other countries, same as with Skype, Ekiga or Jitsi.

Simply install Redphone and call people as usual.  If they don't have it, then you will get the option to send them a download link.  If they do have it, then you will get the option to use the lower cost internet link.  Whatever you do, you can always talk to them normally too, so you get the best of both worlds.

Redphone is very easy to use and easy to install.  The system sends an SMS to the phone to generate a key and then it Just Works.  (If you want to create a new key, just re-register the phone.)

Textsecure, another app by Whisper Systems, does the same thing for SMS messages.

To me, the brilliance of this approach is that it provides everyone with a financial incentive to improve their security.